OpenID Connect Provider Configuration Response for example.com can be obtained from https://example.com/issuer1/.well-known/openid-configuration This is a JSON file such as { “authorization_endpoint”: “https://server.example.com/connect/authorize”, “issuer”: “https://server.example.com”, “token_endpoint”:…
View More URI Template in OpenID Connect Provider Configuration ResponseAuthor: Nat
Having been working on Digital Identity since 2000.
Co-author of various identity related specifications like OpenID Connect, JSON Web Token.
Chair of the OpenID Foundation (2011-)
Vice Chair of the OpenID Foundation (2010),
Founder of OpenID Foundation Japan (2008-),
Trustee of Kantara Initiative (2009-).
JSON Schema enhanced OAuth
In the previous post, I wrote about HAL enhanced OAuth. Similar thing can be achieved by using JSON Schema. Many people claim that OAuth 2.0…
View More JSON Schema enhanced OAuthHAL enhanced OAuth 2.0 response – Making OAuth 2.0 slightly more RESTful
Many people claim that OAuth 2.0 is JSON and REST. Well, yes, it is RESTish, but not quite REST. It notably misses the hyperlink capability.…
View More HAL enhanced OAuth 2.0 response – Making OAuth 2.0 slightly more RESTful
Registered Token Profile for OAuth 2.0
So, ID Token in OpenID connect is audience restricted to the client while the OAuth bearer access token is audience restricted to the protected resource.…
View More Registered Token Profile for OAuth 2.0
Requirements to Digital Identity back in 2004
To prepare for the panel discussion at the Cloud Identity Summit 2012, I was looking back to my old blog posts. Then, I found this…
View More Requirements to Digital Identity back in 2004Some of the OpenID Foundation Summit July 2012 videos available
On July 16, 2012, we had OpenID Connect Interop and OpenID Foundation Summit in conjunction with the Cloud Identity Summit 2012, in Vale, Co. Both…
View More Some of the OpenID Foundation Summit July 2012 videos availableAnalyzing Yahoo! Voices Password Leakage
Lot’s of articles appeared on the Yahoo! Voices’ password leakage on the 11th. Many people seem to be assuming that Yahoo!s password has been leaked,…
View More Analyzing Yahoo! Voices Password LeakageTrusted Federal Systems now the NSTIC ID Ecosystem Steering Group Secretariat
I just got this message from NIST 20 minutes ago. Identity Ecosystem Steering Group’s secretariat was awarded to Trusted Federal Systems (TFS). The first in-person meeting…
View More Trusted Federal Systems now the NSTIC ID Ecosystem Steering Group Secretariat
Is Facebook “Like” button tracking you?
Since I am using it on this blog also, I probably should not talk loudly, but I feel creepy about the Facebook “Like” button. If…
View More Is Facebook “Like” button tracking you?Why “privacy” confuses people
Privacy, whether in the east or west, is a word talked in a vague sense leading to much confusion. In this article, I will try…
View More Why “privacy” confuses people
You must be logged in to post a comment.